DETAILED ACTION 

1. Claims 1-41 have been presented for examination. Claims 1-20 have been canceled in a 
preliminary amendment filed 02/29/2000. Claims 21-41 have been examined. 

Priority 

2. Acknowledgment is made that the instant application is a division of Application No. 
07/479,666, filed 02/13/1990, now U.S. Patent No. 6,507,909 B1. 

3. Applicant has not complied with one or more conditions for receiving the benefit of an 
earlier filing date under 35 U.S.C. 121 as follows: 

An application in which the benefits of an earlier application are desired must contain a 
specific reference to the prior application(s) in the first sentence of the specification or in an 
application data sheet (37 CFR 1.78(a)(2) and (a)(5)). The specific reference to any prior 
nonprovisional application must include the relationship (i.e., continuation, divisional, or 
continuation-in-part) between the applications except when the reference is to a prior application 
of a CPA assigned the same application number. 

Res Judicata 

4. In the letter attached with the information disclosure statement, filed 09/12/2001, Paper 
No. 4, page 2, lines 3-14, the applicant, citing Pfaff v. Wells Electronics, 5 F.3d 514, 518 (Fed. 
Cir. 1993), states the Office may be estopped from rejecting claims 38-41 based on the 
combination of the references, UNIX Operating System and Dunford, "Filer, Version 2.20 User 
Documentation," because of the judgment reversing the rejection of claims 1, 4, and 5 of 
Application No. 07/479,666 under 35 U.S.C. 103(a) based on these references in In re Zurko, 59 
U.S.P.Q.2d 1693 (Fed. Cir. 2001). 

5. Res judicata does not apply when the claims at issue in the child application are different 
from those in the previously adjudicated parent application. See MPEP § 706.03(w); In re Fried, 
136 USPQ 429, 431 (C.C.P.A. 1963). Additionally, in the situation of different claims in the 
divisional application, the grounds of rejection of the claims in this application may be based on 
the same statutory basis, such as 35 U.S.C. 103(a), and the combination of the same references, 
but supported by different reasoning than that used to reject claims in the previously litigated 
parent application. See In re Hellbaum, 152 USPQ 571, 572 (C.C.P.A. 1967). In Pfaff, res 
judicata was limited to the issue of claim construction of the same claims at issue in both 
infringement actions. See Pfaff, 28 USPQ2d 1119, 1121 (Fed. Cir. 1993). The instant 
application is distinguished from Pfaff in that the claims at issue are different from those in the 
parent case. 

6. In the instant application, claims 38-41 are the same as claims 6-9, respectively, of 
Application No. 07/479,666. They are patently distinct from claims 1, 4, and 5 of Application 
No. 07/479,666 because they represent a subcombination useable together. See MPEP § 
806.05(d) and Paper No. 17 of Application 07/479,666, mailed 07/21/1993. 

Drawings 

7. Formal drawings are required in this application because they are missing. The formal 
drawings are required in reply to the Office action to avoid abandonment of the application. The 
requirement for formal drawings will not be held in abeyance. 

Claim Objections 

8. Claim 24 is objected to because of the following informality: delete "trust" in line 2 and 
replace with --trusted--. Appropriate correction is required. 

9. Claim 35 is objected to under 37 CFR 1.75(c), as being of improper dependent form for 
failing to further limit the subject matter of a previous claim. Applicant is required to cancel the 
claim, or amend the claim to place the claim in proper dependent form, or rewrite the claim in 
independent form. Claim 35 recites the limitation, "transitioning from the untrusted mode to the 
untrusted mode," which does not result in a change in the method incorporated in the base claim. 
This objection can be overcome by deleting the first "untrusted" in line 2 and replacing with 
--trusted--. 



Claim Rejections - 35 USC § 102 
10. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AIPA 
35 U.S.C. 102(e)). 

11. Claims 29-37 are rejected under 35 U.S.C. 102(e) as being anticipated by Johri et al., 
U.S. Patent No. 4,918,653 A. 

As per claim 29, Johri et al. describe a method of processing a trusted command 
comprising: 

interpreting a trusted command in an untrusted mode (see column 27, lines 3-6; figure 13; 
pressing the Secure Attention Key to be interpreted in the untrusted mode; see column 22, lines 
16-20; causing the line discipline driver to send a SIGSAK signal to all processes within the 
untrusted mode running on the terminal to terminate); and 

executing the trusted command in a trusted mode (see column 22, lines 25-38; forking a 
new child process to create a trusted shell then creating a trusted path for the user's terminal and 
protecting the terminal from reading and writing by unauthorized programs). 

As per claim 30, Johri et al. further mention: 

communicating a representation of the trusted command in the trusted mode (see column 
22, lines 40-46; changing the ut_type field for the terminal to TSH_PROCESS in the /etc/utmp 
file). 



As per claim 31, Johri et al. then discuss: 

verifying the trusted command in the trusted mode after the communicating (see column 
22, lines 53-55; detecting the trusted shell by reading the corresponding /etc/utmp entry). 

As per claim 32, Johri et al. moreover point out: 

requesting confirmation of the trusted command in the trusted mode (see column 22, lines 
53-55; when the user requests to exit the trusted shell). 

As per claim 33, Johri et al. also specify: 

using the trusted command in the untrusted mode (see column 22, lines 16-20; sending 
the SIGSAK signal to all processes within the controlling terminal process group in the untrusted 
shell to terminate the user processes). 

As per claim 34, Johri et al. next delineate: 

transitioning from the untrusted mode to the trusted mode (see column 22, lines 23-38; if 
the trusted path is not created, creating the trusted path; see column 27, lines 3-8; figure 13; 
terminating the untrusted shell and creating in its place the trusted shell). 

As per claim 35, Johri et al. alternatively discuss: 

transitioning from the untrusted mode to the untrusted mode (see column 26, lines 2-12; 
figure 8, State S1; before login in the untrusted shell in State 1, pressing the Secure Attention 
Key immediately comes back to State 1). 

As per claim 36, Johri et al. further elaborate that: 

issuing a message to indicate a transition to the untrusted mode before the transitioning 
step (see column 22, lines 16-20; sending a SIGSAK signal to all processes within the untrusted 
mode running on the terminal to terminate). 

As per claim 37, Johri et al. subsequently describe: 

detecting if a command is a trusted command in an untrusted mode (see column 26, lines 
9-23; figure 8, States S1, S2, and S3; carrying out the command of pressing the Secure Attention 
Key if the user has successfully logged in). 

Claim Rejections - 35 USC § 103 

12. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

13. Claims 21-28 are rejected under 35 U.S.C. 103(a) as being unpatentable over Johri et al. 
U.S. Patent No. 4,918,653 A in view of Rivest et al., U.S. Patent No. 4,405,829 A. 

As per claim 21, Johri et al. illustrate a computing environment to process a trusted 
command, comprising: 

an untrusted environment to encrypt a trusted command to be compared with encrypted 
passwords on a list (see column 26, lines 2-7 and 15-17; figure 8, States 1 and 2; State 1 is before 
login and State 2 is the state after login in an untrusted shell, but before the trusted shell; see 
column 26, lines 48-61; figure 11; the login program encrypts the password entered by the user 
as a command to login); and 

a trusted environment to receive the trusted command from the untrusted environment 
(see column 27, lines 33-36; figure 14; typing the password command where the password 
command is in the trusted shell) and to communicate a representation of the trusted command 
(see column 27, lines 41-44; figure 14; having that command execute and then returning to the 
trusted shell). 

Although Johri et al. disclose encrypting a trusted command (see column 26, lines 48-61; 
figure 11; the login program encrypts the password entered by the user as a command to login), 
they do not explicitly teach parsing a trusted command. 

Rivest et al. describe encrypting a message by parsing (see column 4, lines 32-37; 
breaking the message into message block words before encoding). 

Therefore, it would have been obvious to one of ordinary skill in the computer art at the 
time the invention was made to combine the computing environment of Johri et al. with the 
parsing of Rivest et al. to have a public key stored in an untrusted environment for encrypting a 
password to be compared with a list of encrypted passwords that cannot be decrypted by the 
public key (see column 26, lines 43-51). 

As per claim 22, Johri et al. further point out: 

that the trusted environment executes the trusted command (see column 27, lines 33-39; 
figure 14; the first transition in the trusted shell involves the execution of the password 
command) if the trusted environment detects confirmation of the trusted command (see column 
26, lines 11-25; figure 8; where the trusted shell is available only after a successful login with the 
correct password). 

As per claim 23, Johri et al. also describe: 

the representation of the trusted command is communicated through a trusted path (see 
column 27, lines 41-44; figure 14; returning the command to the trusted shell; see column 27, 
lines 21-28; figure 13; establishing the trusted path; see column 27, lines 9-12; figure 13; 
between the user and the trusted shell). 

As per claim 24, Johri et al. additionally specify: 

that the trusted path is between the user and the trust environment (see column 27, lines 
9-12; figure 13; the trusted path between the user and the trusted shell). 

As per claim 25, Johri et al. then mention: 

a user interface to communicate with the untrusted environment (see column 26, lines 48-52; 
figure 11; a terminal for the user to login to the untrusted shell) and the trusted environment 
(see column 26, lines 3-7; figure 8; user is actually in the trusted shell). 



As per claim 26, Johri et al. depict a method of processing a trusted command, 
comprising: 

encrypting a trusted command to be compared with encrypted passwords on a list, in an 
untrusted mode of a system (see column 26, lines 2-7 and 15-17; figure 8, States 1 and 2; State 1 
is before login and State 2 is the state after login in an untrusted shell, but before the trusted 
shell; see column 26, lines 48-61; figure 11; the login program encrypts the password entered by 
the user as a command to login); 

establishing a trusted mode of the system (see column 26, lines 3-7; figure 8, State 3; the 
user going into the trusted shell); and 

communicating a representation of the trusted command in the trusted mode (see column 
27, lines 41-44; figure 14; having the password command execute and then returning to the 
trusted shell). 

Although Johri et al. disclose encrypting a trusted command (see column 26, lines 48-61; 
figure 11; the login program encrypts the password entered by the user as a command to login), 
they do not explicitly teach parsing a trusted command. 

Rivest et al. describe encrypting a message by parsing (see column 4, lines 32-37; 
breaking the message into message block words before encoding). 

Therefore, it would have been obvious to one of ordinary skill in the computer art at the 
time the invention was made to combine the method of Johri et al. with the parsing of Rivest et 
al. to have a public key stored in an untrusted environment for encrypting a password to be 
compared with a list of encrypted passwords that cannot be decrypted by the public key (see 
column 26, lines 43-51). 



As per claim 27, Johri et al. further point out: 

executing the trusted command in the trusted mode (see column 27, lines 33-39; figure 
14; the first transition in the trusted shell involves the execution of the password command) if 
confirmation of the trusted command is detected (see column 26, lines 11-25; figure 8; where the 
trusted shell is available only after a successful login with the correct password). 



As per claim 28, Johri et al. next discuss: 

displaying a representation of the trusted command (see column 5, lines 22-26; figure 1; a 
display for characters sent to the display device; see column 27, lines 41-44; issuing the 
password command resulting in the changed password displayed to the user). 

Allowable Subject Matter 

14. Claims 38-41 are allowed. 

15. The following is an examiner's statement of reasons for allowance: 

Claims 38-41 are drawn to a method for executing a trusted command. The closest prior 
art, Johri et al. U.S. Patent No. 4,918,653 A in view of Rivest et al., U.S. Patent No. 4,405,829 A, 
disclose a similar method. Johri et al. describe encrypting a trusted command to be compared 
with encrypted passwords on a list, in an untrusted mode of a system (see column 26, lines 2-7 
and 15-17; figure 8, States 1 and 2; State 1 is before login and State 2 is the state after login in an 
untrusted shell, but before the trusted shell; see column 26, lines 48-61; figure 11; the login 
program encrypts the password entered by the user as a command to login). Rivest et al. specify 
encrypting a message by parsing (see column 4, lines 32-37; breaking the message into message 
block words before encoding). However, they teach away from submitting the parsed command 
to the trusted computing environment; and performing a security check on the parsed command 
and user identification data in the trusted computing environment. This composite recitation 
explicitly incorporated into independent claim 38 renders claims 38-41 allowable. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

Conclusion 

16. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

• Dept. of Defense, "Dept. of Defense Trusted Computer System Evaluation Criteria," sets 
forth a standard of security features that satisfy trust requirements to prevent disclosure of 
data for sensitive applications 



Telephone Inquiry Contacts 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Justin T. Darrow whose telephone number is (703) 305-3872 and 
whose electronic mail address is justin.darrow@uspto.gov. The examiner can normally be 
reached Monday-Friday from 8:30 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, Jr., can be reached at (703) 305-1830. 

The fax number for Formal or Official faxes to Technology Center 2100 is (703) 872-9306. 
In order for a formal paper transmitted by fax to be entered into the application file, the 
paper and/or fax cover sheet must be signed by a representative for the applicant. Faxed formal 
papers for application file entry, such as amendments adding claims, extensions of time, and 
statutory disclaimers for which fees must be charged before entry, must be transmitted with an 
authorization to charge a deposit account to cover such fees. It is also recommended that the 
cover sheet for the fax of a formal paper have printed "OFFICIAL FAX". Formal papers 
transmitted by fax usually require three business days for entry into the application file and 
consideration by the examiner. Formal or Official faxes including amendments after final 
rejection (37 CFR 1.116) should be submitted to (703) 872-9306 for expedited entry into the 
application file. It is further recommended that the cover sheet for the fax containing an 
amendment after final rejection have printed not only "OFFICIAL FAX" but also 
"AMENDMENT AFTER FINAL". 

Any inquiry of a general nature or relating to the status of this application should be 
directed to the Group receptionist whose telephone number is (703) 305-3900. 

JUSTIN T. DARROW 
PRIMARY EXAMINER 
TECHNOLOGY CENTER 2100 



